Passleader 350-018 Exam Dumps Contain Almost 100% Correct Answers Ensure Your Pass (41-60)

Posted on by adminComments Off on Passleader 350-018 Exam Dumps Contain Almost 100% Correct Answers Ensure Your Pass (41-60)

QUESTION 41
Aggregate global IPv6 addresses begin with which bit pattern in the first 16-bit group?

A.    000/3
B.    001/3
C.    010/2
D.    011/2

Answer: B

QUESTION 42
Which layer of the OSI reference model typically deals with the physical addressing of interface cards?

A.    physical layer
B.    data-link layer
C.    network layer
D.    host layer

Answer: B

QUESTION 43
Which statement best describes a key difference in IPv6 fragmentation support compared to IPv4?

A.    In IPv6, IP fragmentation is no longer needed because all Internet links must have an IP MTU of 1280 bytes or greater.
B.    In IPv6, PMTUD is no longer performed by the source node of an IP packet.
C.    In IPv6, IP fragmentation is no longer needed since all nodes must perform PMTUD and send packets equal to or smaller than the minimum discovered path MTU.
D.    In IPv6, PMTUD is no longer performed by any node since the don’t fragment flag is removed from the IPv6 header.
E.    In IPv6, IP fragmentation is performed only by the source node of a large packet, and not by any other devices in the data path.

Answer: E

QUESTION 44
If a host receives a TCP packet with an SEQ number of 1234, an ACK number of 5678, and a length of 1000 bytes, what will it send in reply?

A.    a TCP packet with SEQ number: 6678, and ACK number: 1234
B.    a TCP packet with SEQ number: 2234, and ACK number: 5678
C.    a TCP packet with SEQ number: 1234, and ACK number: 2234
D.    a TCP packet with SEQ number: 5678, and ACK number 2234

Answer: D

QUESTION 45
A network administrator uses a LAN analyzer to troubleshoot OSPF router exchange messages sent to all OSPF routers. To which one of these MAC addresses are these messages sent?

A.    00-00-1C-EF-00-00
B.    01-00-5E-00-00-05
C.    01-00-5E-EF-00-00
D.    EF-FF-FF-00-00-05
E.    EF-00-00-FF-FF-FF
F.    FF-FF-FF-FF-FF-FF

Answer: B

QUESTION 46
Comparing and contrasting IKEv1 and IKEv2, which three statements are true? (Choose three.)

A.    IKEv2 adds EAP as a method of authentication for clients; IKEv1 does not use EAP.
B.    IKEv1 and IKEv2 endpoints indicate support for NAT-T via the vendor_ID payload.
C.    IKEv2 and IKEv1 always ensure protection of the identities of the peers during the negotiation process.
D.    IKEv2 provides user authentication via the IKE_AUTH exchange; IKEv1 uses the XAUTH exchange.
E.    IKEv1 and IKEv2 both use INITIAL_CONTACT to synchronize SAs.
F.    IKEv1 supports config mode via the SET/ACK and REQUEST/RESPONSE methods; IKEv2 supports only REQUEST/RESPONSE.

Answer: ADE

QUESTION 47
Which three statements about GDOI are true? (Choose three.)

A.    GDOI uses TCP port 848.
B.    The GROUPKEY_PULL exchange is protected by an IKE phase 1 exchange.
C.    The KEK protects the GROUPKEY_PUSH message.
D.    The TEK is used to encrypt and decrypt data traffic.
E.    GDOI does not support PFS.

Answer: BCD

QUESTION 48
Which three nonproprietary EAP methods do not require the use of a client-side certificate for mutual authentication? (Choose three.)

A.    LEAP
B.    EAP-TLS
C.    PEAP
D.    EAP-TTLS
E.    EAP-FAST

Answer: CDE

QUESTION 49
When you compare WEP to WPA (not WPA2), which three protections are gained? (Choose three.)

A.    a message integrity check
B.    AES-based encryption
C.    avoidance of weak Initialization vectors
D.    longer RC4 keys
E.    a rekeying mechanism

Answer: ACE

QUESTION 50
Which option shows the correct sequence of the DHCP packets that are involved in IP address assignment between the DHCP client and the server?

A.    REQUEST, OFFER, ACK
B.    DISCOVER, OFFER, REQUEST, ACK
C.    REQUEST, ASSIGN, ACK
D.    DISCOVER, ASSIGN, ACK
E.    REQUEST, DISCOVER, OFFER, ACK

Answer: B

Passleader 350-018 Exam Dumps Contain Almost 100% Correct Answers Ensure Your Pass

http://www.passleader.com/350-018.html

QUESTION 51
Which common FTP client command transmits a direct, byte-for-byte copy of a file?

A.    ascii
B.    binary
C.    hash
D.    quote
E.    glob

Answer: B

QUESTION 52
Which option is a desktop sharing application, used across a variety of platforms, with default TCP ports 5800/5801 and 5900/5901?

A.    X Windows
B.    remote desktop protocol
C.    VNC
D.    desktop proxy

Answer: C

QUESTION 53
Which two of the following provide protect against man-in-the-middle attacks? (Choose two.)

A.    TCP initial sequence number randomization?
B.    TCP sliding-window checking
C.    Network Address Translation
D.    IPsec VPNs
E.    Secure Sockets Layer

Answer: DE

QUESTION 54
An exploit that involves connecting to a specific TCP port and gaining access to an administrative command prompt is an example of which type of attack?

A.    botnet
B.    Trojan horse
C.    privilege escalation
D.    DoS

Answer: C

QUESTION 55
When configuring an Infrastructure ACL (iACL) to protect the IPv6 infrastructure of an enterprise network, where should the iACL be applied??

A.    all infrastructure devices in both the inbound and outbound direction
B.    all infrastructure devices in the inbound direction
C.    all infrastructure devices in the outbound direction
D.    all parameter devices in both the inbound and outbound direction
E.    all parameter devices in the inbound direction
F.    all parameter devices in the outbound direction

Answer: E

QUESTION 56
What feature on the Cisco ASA is used to check for the presence of an up-to-date antivirus vendor on an AnyConnect client?

A.    Dynamic Access Policies with no additional options
B.    Dynamic Access Policies with Host Scan enabled
C.    advanced endpoint assessment
D.    LDAP attribute maps obtained from Antivirus vendor

Answer: B

QUESTION 57
What type of attack consists of injecting traffic that is marked with the DSCP value of EF into the network?

A.    brute-force attack
B.    QoS marking attack
C.    DHCP starvation attack
D.    SYN flood attack

Answer: B

QUESTION 58
Which statement is true regarding Cisco ASA operations using software versions 8.3 and later?

A.    The global access list is matched first before the interface access lists.
B.    Both the interface and global access lists can be applied in the input or output direction.
C.    When creating an access list entry using the Cisco ASDM Add Access Rule window, choosing "global" as the interface will apply the access list entry globally.
D.    NAT control is enabled by default.
E.    The static CLI command is used to configure static NAT translation rules.

Answer: A

QUESTION 59
Which three multicast features are supported on the Cisco ASA? (Choose three.)

A.    PIM sparse mode?
B.    IGMP forwarding?
C.    Auto-RP
D.    NAT of multicast traffic?

Answer: ABD

QUESTION 60
Which three configuration tasks are required for VPN clustering of AnyConnect clients that are connecting to an FQDN on the Cisco ASA?? (Choose three.)

A.    The redirect-fqdn command must be entered under the vpn load-balancing sub-configuration.
B.    Each ASA in the VPN cluster must be able to resolve the IP of all DNS hostnames that are used in the cluster?.
C.    The identification and CA certificates for the master FQDN hostname must be imported into each VPN cluster-member device?.
D.    The remote-access IP pools must be configured the same on each VPN cluster-member interface.

Answer: ABC

Passleader 350-018 Exam Dumps Contain Almost 100% Correct Answers Ensure Your Pass

http://www.passleader.com/350-018.html